CySecurity News – Latest Information Security and Hacking Incidents
The infamous Emotet malware has deployed a new module aimed to steal credit card data saved in the Chrome web browser. According to corporate security firm Proofpoint, which discovered the component on June 6, the credit card stealer, which only targets Chrome, has the capacity to exfiltrate the acquired information to several remote command-and-control (C2) servers.
The news comes amid a surge in Emotet activity since it was reactivated late last year after a 10-month pause caused by a law enforcement operation that destroyed its attack infrastructure in January 2021. Emotet, attributed to the threat actor TA542 (aka Mummy Spider or Gold Crestwood), is a sophisticated, self-propagating, and modular trojan that is distributed via email campaigns.
According to Check Point, as of April 2022, Emotet is still the most renowned malware, with a global impact of 6% of organisations worldwide, followed by Formbook and Agent Tesla, with the malware testing new delivery methods using OneDrive URLs and PowerShell in.LNK attachments to circumvent Microsoft’s macro restrictions.
The steady increase in Emotet-related threats is further supported by the fact that the number of phishing emails, which frequently hijack existing correspondence, increased from 3,000 in February 2022 to approximately 30,000 in March, targeting organisations in various countries as part of a large-scale spam campaign. ESET stated tha
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
Read the original article: